django/docs/releases/4.2.20.txt

===========================
Django 4.2.20 release notes
===========================

*March 6, 2025*

Django 4.2.20 fixes a security issue with severity "moderate" in 4.2.19.

CVE-2025-26699: Potential denial-of-service vulnerability in ``django.utils.text.wrap()``
=========================================================================================

The ``wrap()`` and :tfilter:`wordwrap` template filter were subject to a
potential denial-of-service attack when used with very long strings.